[ 
https://issues.apache.org/jira/browse/SHINDIG-1818?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Marshall Shi updated SHINDIG-1818:
----------------------------------

    Attachment: 36831.patch

Patch in attachment 36831.patch
                
> Ambiguous error message when gadgets are not whitelisted
> --------------------------------------------------------
>
>                 Key: SHINDIG-1818
>                 URL: https://issues.apache.org/jira/browse/SHINDIG-1818
>             Project: Shindig
>          Issue Type: Improvement
>          Components: Java
>    Affects Versions: 2.5.0-beta2
>            Reporter: Marshall Shi
>            Priority: Minor
>             Fix For: 2.5.0-beta2
>
>         Attachments: 36831.patch
>
>   Original Estimate: 1h
>  Remaining Estimate: 1h
>
> In Shindig when using gadget whitelisting and feature access control, there 
> are two error messages:
> 1. Gadget is not whitelisted:
> 403 The requested gadget is unavailable 
> 2. Gadget is requesting features that it does not have access too
> 400 The requested gadget is not authorized for this container
> The second error is perfect as it tells me that it has been rejected due to 
> an authorization error AND that it may be config related (Type 400 response).
> The first error is ambiguous however, as it looks almost exactly the same as 
> when the server that provides the gadget.xml is unavailable and / or rejects 
> the request.  Please change (1) to something like:
>       403 The requested gadget is not authorized for this container
> This will tell the user that the gadget is both not authorized and via the 
> response code (403) that it is missing from the whitelist entirely.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Reply via email to